Robust location distinction using temporal link signatures

ABSTRACT

The ability of a receiver to determine when a transmitter has changed location is important for energy conservation in wireless sensor networks, for physical security of radio tagged objects, and for wireless network security in detection of replication attacks. In embodiments of the present invention, a measured temporal link signature is determined to uniquely identify the link between a transmitter and a receiver. The temporal link signature is an impulse response of a transmitted signal from the transmitter over a channel between the transmitter and a receiver over a channel. When the transmitter changes location, or if an attacker at a different location assumes the identity of the transmitter, the proposed link distinction methodology reliably detects the change in the physical channel. This detection can be performed at a single receiver or collaboratively by multiple receivers.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present invention claims priority to and the benefit of ProvisionalApplication No. 60/970,094 to Patwari et al., entitled “Robust LocationDistinction Using Temporal Link Signatures,” filed on Sep. 5, 2007,which is herein incorporated by reference in its entirety.

FIELD OF INVENTION

The present invention relates to the field of wireless networks.Specifically, the present invention relates to a temporal link signaturethat uniquely identifies the link between a transmitter and a receiver.

THE RELEVANT TECHNOLOGY

Location distinction is critical in many wireless network situations,including motion detection in wireless sensor networks, physicalsecurity of objects using wireless tags, and information securityagainst replication attacks. Some applications requiring locationdistinction and motion detection include wireless sensor networks,active radio frequency identification (RFID), and secure wirelessnetworks.

For instance, in wireless sensor networks, sensor location can beassociated with measured sensor data for use in geographiclocation-based routing methods. Some wireless networks are deployedpurely to be able to locate active RF transmitter tags placed in objectsfor logistical purposes, such as those used in warehouses or factories.In one particular application, location estimation must be done in anenergy efficient manner, especially for networks of sensors with smallbatteries that must last for years.

In addition, active wireless tags can be used to protect the physicalsecurity of objects. For example, RFID tags are fast replacing bar-codesand are used as a means for improved logistics and security for productsin stores and warehouses. Active RFID in particular is desired for itsgreater range, but a tag must be in range of multiple base stations (BS)in order to be able to estimate its location. Location distinction iscritical to provide a warning and to be able to focus resources (e.g.,security cameras, personnel) on moving objects.

Security is of utmost concern when protecting wireless networks. Inparticular, wireless networks can be vulnerable to medium access control(MAC) address spoofing. That is, an adversary, at a different location,can claim to be another node by spoofing its address. Traditionalcryptography methods can be implemented to prevent this spoofing;however, these methods are susceptible to node compromise.

As described above, many applications including those listed aboverequire location distinction. However, existing techniques fail to do soin an efficient and robust manner. For example the use ofaccelerometers, Doppler, and received signal strength each have theirown disadvantages, as described below.

An accelerometer detects changes in velocity. However, accelerometerscan be cost prohibitive. The additional device cost of an accelerometermay be acceptable for protection of high-value assets, but would beprohibitive for applications such as bar-code replacement andlarge-scale sensor networks. Furthermore, an accelerometer needscontinuous power that would excessively drain battery power since theaccelerometer cannot detect motion from a sleep state.

Doppler is the frequency shift caused by the velocity of a transmitterand can be used to detect movement of an object. However, the use ofDoppler measurements is limited to situations only in which the objectis moving. That is, Doppler measurements provide limited informationafter object has stopped moving. Thus, transmission of a Doppler signalcould not be intermittent like a packet radio, and would requireexcessive use of battery power.

Further, received signal strength (RSS) can be used to detect movementof a transmitter. However, RSS measurements vary due to small-scale andfrequency-selective fading, such that its use in location distinctionrequires multiple measurements at different receivers. However, forwireless sensor networks, multi-node collaboration is expensive in termsof energy requirements and usage.

SUMMARY OF THE INVENTION

Accordingly, what is needed is an energy efficient manner for performinglocation distinction in wireless sensor networks.

In one embodiment, a radio channel identifier defines a signature.Specifically, the radio channel identifier comprises a temporal linksignature between a transmitter and a receiver. The transmitter islocated at a first location. The receiver is located at a secondlocation. The temporal link signature comprises a characteristic of animpulse response of a transmitted signal from the transmitter over achannel between the transmitter and the receiver.

In another embodiment, a method for detecting a change in transmitterlocation is described.

The method begins by determining a baseline temporal link signature of achannel between a transmitter located at a first location and a receiverat a second location. The baseline temporal link signature ischaracteristic of a first impulse response of at least one transmittedsignal over the channel. A signal is received at the receiver, whereinthe signal is based on a second transmitted signal from an unknowntransmitter at an unknown location. The unknown transmitter ispresumably the transmitter. A temporal link signature is determinedbased on the signal that is received. The temporal link signature ischaracteristic of an impulse response of the second transmitted signalover an unknown channel between the unknown transmitter and thereceiver. A change between the first location and the second location isdetected by determining if the temporal link signature is different fromthe baseline temporal link signature.\

BRIEF DESCRIPTION OF THE DRAWINGS

Exemplary embodiments are illustrated in referenced figures of thedrawings which illustrate what is regarded as the preferred embodimentspresently contemplated. It is intended that the embodiments and figuresdisclosed herein are to be considered illustrative rather than limiting.

FIG. 1 is a network illustrating a robust location distinctionmechanism, in accordance with one embodiment of the present invention.

FIG. 2 is a flow diagram illustrating a method for location distinction,in accordance with one embodiment of the present invention.

FIG. 3 is a system capable of implementing a method for locationdistinction, in accordance with one embodiment of the present invention.

FIG. 4 is a flow diagram illustrating a particular implementation of amethod for location distinction, in accordance with one embodiment ofthe present invention.

FIG. 5 is a diagram of a history of temporal link signatures, inaccordance with one embodiment of the present invention.

FIG. 6 is a block diagram of a system including multiple receivers forimplementing a method for location distinction, in accordance with oneembodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Reference will now be made in detail to the preferred embodiments of thepresent invention, a method and system for performing locationdistinction in a wireless network for purposes of detecting a change intransmitter or receiver location, or a combination of both. While theinvention will be described in conjunction with the preferredembodiments, it will be understood that they are not intended to limitthe invention to these embodiments. On the contrary, the invention isintended to cover alternatives, modifications and equivalents which maybe included within the spirit and scope of the invention as defined bythe appended claims.

Accordingly, embodiments of the present invention provide for a robustlocation distinction mechanism that uses a physical layer characteristicof the radio channel between a transmitter and a receiver, thatcomprises a temporal link signature. The temporal link signature is thesum of the effects of the multiple paths from the transmitter to thereceiver, each with its own time delay and complex amplitude (e.g., realor complex). Such a signature changes when the relative position betweenthe transmitter and receiver changes, because the multiple paths in thelink change with the positions of the endpoints of the radio link.Embodiments of the present invention are capable of detecting the changein signature. As a result, additional response steps may be implementedbased on the change of the temporal link signature.

Method and System for Location Distinction:

FIG. 1 illustrates a network 100 including transmitters i and receiversj that is capable of performing location distinction, in accordance withone embodiment of the present invention. In particular, the network 100illustrates a known relationship between receiver j₁ at node 110 andtransmitter i₁ at node 120A at an initial state. That is, transmitter i₁is located at a first location node 120A and receiver j₁ is located at asecond location, node 110. The present embodiment is capable ofdetermining if a temporal link signature of the radio channel 125between transmitter i₁ at node 120A and receiver j₁ at node 110 haschanged. A change in the temporal link signature may indicate thateither transmitter i₁ or receiver j₁ has moved, that both transmitter i₁or receiver j₁ have moved, or that an adversary transmitter i₂ at node130 is impersonating transmitter i₁ at node 120A.

In particular, in the network 100, a radio link exists betweentransmitter i₁ at node 120A and receiver j₁ at node 110. The receiver j₁can measure and record the temporal link signature of link (i₁,j₁). Whentransmitter i₁ moves to node 120B, the present embodiment can thendistinguish the new link signature from one or more previously recordedlink signatures, and declare that transmitter i₁ has moved, in oneembodiment.

Alternatively, if an adversary, transmitter i₂, impersonates transmitteri₁ from node 130, the adversary's transmission to receiver j₁ at node110 will be detected to be from a different location. Thereafter, anappropriate action may be taken.

In still another embodiment, while the detection of a temporal linksignature change between transmitter i₁ and receiver j₁ can be reliablyperformed at one receiver, receiver j₂ at node 115 can also participatein the detection process for higher reliability and robustness.Specifically, measurements at multiple receivers can be used to achieveeven higher robustness of location distinction.

In contrast to existing techniques, location distinction using temporallink signatures does not require continuous operation, in oneembodiment. That is, a sensor transmitting a signal can schedule one ormore sleep periods, and a wireless network can send packetsintermittently. When awakened from sleep or upon reception of thesubsequent packet, a receiver can detect that a neighboring transmitterhas moved since its past transmission. As an added advantage, temporallink signatures in embodiments of the present invention can be measuredat a single receiver and require no additional complexity at thetransmitter, which keeps tag cost and energy consumption low.

For secure wireless networks, such as that illustrated in network 100,temporal link signatures are particularly robust to impersonationattacks because of three physical barriers. First, an attacker (e.g.,transmitter i₂ at node 130) cannot measure the link signature of thelegitimate links between a transmitter and corresponding receivers,unless it is at exactly the same location as all receivers. As such, thelink signature acts as a form of secrecy, which in combination with thereciprocity of the channel 125 impulse response, can be used to obtain ashared secret for purposes of a secure wireless communication. Second,even if an attacker (transmitter i₂) can measure a link signature, itwill not have the same link signature at the receiver j₁ unless theattacker (e.g., transmitter i₂) is at exactly the same location as thelegitimate transmitter (e.g., transmitter i₁), which is difficult, ifnot impossible to achieve. Furthermore, an attacker (transmitter i₂) canchange its measured link signature, but cannot ‘spoof’ an arbitrary linksignature.

These three physical barriers exist because the link between alegitimate transmitter (e.g., transmitter i₁) and the attacker'sreceiver (e.g., receiver at node 130) is a different physical channelcompared to the one between the legitimate transmitter (e.g.,transmitter i₁) and legitimate receiver (e.g., receiver j₁ at node 110).Further, any signal sent by the attacker (e.g., transmitter i₂) to thelegitimate receiver (e.g., receiver j₁ at node 110) must be filtered bya third different physical channel between them.

FIGS. 2 and 3 together illustrate a method and system for performinglocation distinction in order to determine a change in the physicalrelationship between a transmitter and a receiver, in accordance withone embodiment of the present invention. For instance, the method andsystem of FIGS. 2 and 3 can be used to determine if either thetransmitter or receiver, or a combination of both, has moved from aprevious location.

In particular, FIG. 2 is a flow chart 200 illustrating a method forlocation distinction, in accordance with one embodiment of the presentinvention. The system 300 of FIG. 3 is capable of implementing themethod of FIG. 2, in accordance with one embodiment of the presentinvention. In particular, system 300 can be located at a receiver (e.g.,receiver j₁ or receiver j₂), in one embodiment. In another embodiment,system 300 can be located at a remote location separate from eitherreceiver j₁ or receiver j₂ in a multiple receiver network, or in asingle receiver network.

Returning to FIG. 2, at 210, a baseline temporal link signature ofchannel between a transmitter located at a first location and a receiverat a second location is determined. The baseline temporal link signatureis characteristic of an impulse response of at least one transmittedsignal over the channel, such as a first transmitted signal. In oneembodiment, the baseline temporal link signature module 310 of system300 determines the baseline temporal link signature.

At 220, a signal is received at the receiver. The received signal isbased on a second transmitted signal from an unknown transmitter at anunknown location. In one embodiment, the unknown transmitter ispresumably the transmitter associated with the baseline temporal linksignature. In one embodiment, the receiver 320 receives the signal fromthe unknown transmitter.

At 230, a temporal link signature is determined. The temporal linksignature is based on the received signal. In addition, the temporallink signature is characteristic of an impulse response of the secondtransmitted signal over an unknown channel between the unknowntransmitter and the receiver. In one embodiment, the temporal linksignature module 330 determines the temporal link signature.

At 240, a change between the first location and the second location isdetermined by determining if the temporal link signature from 230 issubstantially different from the baseline temporal link signature. Thatis, in one embodiment, assuming that the unknown transmitter is the sametransmitter used for determining the baseline temporal link signature,if the temporal link signature is substantially different from thebaseline, then the location of the transmitter has changed, assuming thereceiver location stays constant. In another embodiment, an intruder canbe detected when the temporal link signature is substantially differentfrom the baseline, such that the intruder is trying to impersonate thetransmitter used for the baseline temporal link signature. In oneembodiment, the comparator 340 determines if there has been a changebetween the two temporal link signatures.

Temporal Link Signature

The power of the temporal link signature comes from the variability inthe multiple paths over which radio waves propagate on a link. A singleradio link is composed of many paths (also referred to as multiple pathsor multi-paths) from the transmitter to the receiver. For example,referring to FIG. 1, the radio link over channel 125 is composed of manypaths from transmitter i₁ to receiver j₁. These multiple paths arecaused by the reflections, diffractions, and scattering of the radiowaves interacting with the physical environment. Each path has adifferent length, so a wave propagating along that path takes adifferent amount of time to arrive at the receiver. Each path hasattenuation caused by path losses and interactions with objects in theenvironment, so each wave undergoes a different attenuation and phaseshift. At the receiver, many copies of the transmitted signal arrive,but each copy arrives with a different time delay, and with a differentamplitude and phase. The sum of these time delayed, scaled, and phaseshifted transmitted signals is the received signal.

As will be explained below in detail, the temporal link signature isbased on a plurality of time delays and a plurality of amplitudes of themultipath components of the transmitted signal over the channel 125. Inone embodiment, the temporal link signature comprises an impulseresponse of a transmitted signal over the channel 125 between thetransmitter i₁ and receiver j₁, wherein the impulse response is based onthe plurality of time delays and the plurality of amplitudes of themultipath components. For instance, the impulse response can beconfigured as a list, or vector of the plurality of time delays andplurality of amplitudes. In one embodiment, the impulse response is acomplex-valued impulse response, where the amplitude has both amagnitude and a phase angle. In another embodiment, the impulse responseis a real-valued impulse response, wherein only the magnitude of theamplitude is considered.

Since the received signal is a linear combination of the transmittedsignal, we can consider the radio channel or link as a linear filter.For the link or channel in between transmitter i and receiver j, thechannel impulse response (CIR), denoted h_(i,j)(t), is given by Eq. 1,as follows:

$\begin{matrix}{{{h_{i,j}(\tau)} = {\sum\limits_{l = 1}^{L}\;{\alpha_{l}{\mathbb{e}}^{j\phi\mathbb{i}}{\delta\left( {\tau - \tau_{l}} \right)}}}},} & (1)\end{matrix}$In particular, α_(l) and φ_(l) are the amplitude and the phase of thelth multipath component, τ_(l) is the time delay, L is the total numberof multipaths, and δ(τ) is the Dirac delta function. Essentially, thefilter impulse response is the superposition of many impulses, each onerepresenting a single path in the multiple paths of a link. Each impulseis delayed by the path delay, and multiplied by the amplitude and phaseof that path.

The received signal, r(t), is then the convolution of the channel filterand the transmitted signal s(t), as described in Eq. 2.r(t)=s(t)*h _(i,j)(t),  (2)

All receivers measure r(t) in order to demodulate the information bitssent by the transmitter.

Estimation of the Temporal Link Signature

In one embodiment, the received signal, r(t), is used to make aband-limited estimate of h_(i,j)(t). If the bits are correctlydemodulated, s(t), the transmitted signal, can be recreated in thereceiver. In general, estimating h_(i,j)(t) from known r(t) and s(t) inEq. 2 is a de-convolution problem, however, in one embodiment, ade-convolution process need not be performed.

For instance, once the transmitted signal, s(t), is known, thetransmitter can be identified. Specifically, the transmitter isassociated with an identifying signal (e.g., RFID) that is periodicallytransmitted. In that way, a transmitter can be distinguished from aplurality of transmitters based on the identifying signal. In oneembodiment, the identifying signal is also used for purposes ofdetermining the temporal link signature, although this is not arequirement. For instance, one or more signals that are different thanthe identifying signal may be transmitted for purposes of determiningthe temporal link signature.

In particular, generally, digital signals have power spectral densitieswhich are flat inside the band (the frequency range of the channel) inorder to maximize spectral efficiency. Specifically, |S(f)|² isapproximately equal to a known constant, denoted P_(s), for all f withinthe band. In addition, an approximation of h_(i,j)(t) is sufficient, asthere is no need to exactly recreate h_(i,j)(t), in one embodiment.

As a result, in one embodiment, the temporal link signature iscalculated using only convolution, rather than de-convolution. To showthis, Eq. 2 is rewritten in the frequency domain below as Eq. 2A.R(f)=S(f)H _(i,j)(f),  (2A)In Eq. 2A, R(f), S(f), and H_(i,j)(f) are the Fourier transforms ofr(t), s(t), and h_(i,j)(t), respectively.

Thereafter, R(f) is multiplied with the complex conjugate of the Fouriertransform of the re-created transmitted signal, S*(f), in Eq. 3.S*(f)R(f)=|S(f)|² H _(i,j)(f),  (3)Note that this multiplication in the frequency domain is a convolutionin the time domain. As |S(f)|² is nearly constant within the band, Eq. 3is a band limited version of H_(i,j)(f).

Finally, the temporal domain is recovered from Eq. 3 by taking theinverse Fourier transform. The impulse response estimate obtained fromthe nth received packet from transmitter i at receiver j is denotedbelow in Eq. 3A, where

⁻¹ {−} indicates an inverse Fourier transform is performed.

h i , j ( n ) ⁡ ( t ) = 1 P 8 ⁢ ⁢ - 1 ⁢ { S * ⁡ ( f ) ⁢ R ⁡ ( f ) } = 1 P 8 ⁢ ⁢ -1 ⁢ {  S ⁡ ( f )  2 ⁢ H i , j ⁡ ( f ) } ( 3 ⁢ A )

Since the received signal is sampled, the following sampled impulseresponse vector can be determined in Eq. 4.h _(i,j) ^((n)) =[h _(i,j) ^((n))(0), . . . , h _(i,j) ^((n))(κT_(r))]^(T),  (4)In Eq. 4, T_(r) is the sampling rate at the receiver, and κ+1 is thenumber of samples. As shown in Eq. 4, the impulse response includes aplurality of time delays and amplitudes of the multipath components ofthe transmitted signal over the channel. As described previously, theimpulse response may be a complex-valued impulse response, where theamplitude has both a magnitude and a phase angle, or the impulseresponse may be a real-valued impulse response, where the amplitude onlyhas a magnitude.

In one embodiment, the calculation of Eq. 4 can be done regardless ofmodulation, but for particular modulation types, the process is eveneasier. For example, consider receivers for orthogonal frequencydivision multiplexing (OFDM)-based standards, such as in IEEE 802.11a/gand 802.16. Such receivers can be readily adapted to calculate temporallink signatures since the signal amplitude and phase in each sub-channelprovides a sampled version of the Fourier transform of the signal. Ineffect, the Fourier transform operation is already implemented, and R(f)is directly available. In one embodiment, calculation of the temporallink signature requires an additional inverse FFT operator.

In embodiments of the present invention, the calculation necessary forthe computation of temporal link signatures can be performed in existingcode-division multiple access (CDMA) cellular base station receivers, inaccess points for wireless local area networks (WLANs) operating on the802.11b standard, and ultra-wideband (UWB) receivers. Specifically, CDMAreceivers first correlate the received signal with the knownpseudo-noise (PN) signal. Then, the correlator output in a rake receiveris used, which adds in the power from each multipath component. In oneembodiment, the temporal link signature is just the average of thecorrelator output over the course of many bits. UWB receivers alsomeasure a signal which shows an approximate impulse response. In eithercase, little or no additional calculation would be required to implementa temporal link signature-based method for these standard PHY protocols.

Normalization

When describing time measurements, transmitters and receivers aretypically not synchronized. As such, the temporal link signature,h_(i,j) ^((n+1))(t) has only a relative notion of time t. If the nexttemporal link signature on the same link (i,j), h_(i,j) ^((n+1))(t), isequal to h_(i,j) ^((n))(t+Δt), where Δt is a significant offset comparedto the duration of the link signature, the temporal link differencebetween the nth and n+1st measurement will be very high, simply becauseof the lack of synchronization.

To address the synchronization problem, normalization is performed, inone embodiment. That is, the time delay axis is normalized at each newlink signature measurement by setting the time delay of theline-of-sight (LOS) multipath to be zero. In Eq. 1, this means thatτ₁=0, and can be implemented with a threshold detector. That is, when ameasured impulse response first exceeds a threshold, the delay is set to0. In another embodiment, all link signatures in this discussion aretime-delay normalized.

In another embodiment, for purposes of replication attack detection,robustness to attacks requires that signatures be also normalized byamplitude. This is because a transmit power can be easily increased ordecreased. For purposes of clarity, in this specification, normalizedlink signatures refers to amplitude normalization. However, otherembodiments of the present invention are well suited to applications inwhich amplitude normalization is not required.

In the present embodiment, for a normalized link signature, the measuredimpulse response is normalized to unit norm in Eq. 5.h _(i,j) ^((n)) =h _(i,j) ^((n)) /∥h _(i,j) ^((n))∥  (5)In Eq. 5, ∥·∥ indicates the Euclidean (l₂) norm. For purposes of thepresent invention, h_(i,j) ^((n)) refers to the link signature. In otherembodiments, when using a normalized link signature, the term h _(i,j)^((n)) is substituted into any expression in place of h_(i,j) ^((n)).Particular Location Distinction Methodology

FIG. 4 is a flow chart 400 illustrating a method for locationdistinction, in accordance with one embodiment of the present invention.The method illustrated in FIG. 4 can be used to determine movement ofeither a transmitter, or receiver, or combination of the two. Inaddition, the method of FIG. 4 can be used to determine when areplication attack is detected, in another embodiment. The method offlow chart 400 can be implemented within an environment described inFIG. 3. As such, a receiver is designated as j, and a transmitter isdesignated as i.

At 410, a plurality of signals (N−1) is received at a receiver j and ahistory of temporal link signatures can be created. That is, at leastone temporal link signature is used to determine a baseline temporallink signature. More specifically, given receiver j and nodes iε

_(J)(where

_(J) is the set of neighbors of j), a history of N−1 link signatures ismeasured and stored, as Eq. 5A.

_(i,j) ={h _(i,j) ^((n))}_(n=1) ^(N−1)(5A)These histories are assumed to be recorded while transmitter i is notmoving and not under a replication attack, in one embodiment. Still,h_(i,j) ^((n)) will differ due to normal temporal variations in theradio channel. To quantify this variation, receiver j calculates thehistorical average difference (σ_(i,j)) between the N−1 measurements in

_(i,j), as presented below in Eq. 7.

At 420, the Nth measurement h^((N)) is then taken. That is, the Nthtransmitted signal is received as a received signal at the receiver j.More specifically, the received signal is based on an Nth transmittedsignal from an unknown transmitter from an unknown location. It ispresumed that the unknown transmitter is the transmitter i, but it isnot necessarily the case, as will be described below. The presumptioncan be made, in one embodiment, if the transmitted signal, asdemodulated from the received signal, matches the identifying signal ofthe transmitter i. For instance, the transmitted signal may be used forboth identifying transmitter i, and for purposes of determining thetemporal link signature. In another case, a separate signal is used foridentification purposes.

Also, at 430, the temporal link signature of the Nth transmitted signalis determined. The temporal link signature is characteristic of animpulse response of the Nth transmitted signal over the unknown channelbetween the unknown transmitter and the receiver j.

In one embodiment, the temporal link signature is estimated, as isprovided in Eq. 4. More specifically, in the present application,h^((N)) denotes the Nth measurement of the temporal link signature asgiven in Eq. 4. The subscript _(i,j) is left out since it isn't knownyet that the signature matches with link (i,j) between the transmitter iand the receiver j.

At 432, a plurality of distances between the temporal link signature, asdetermined by the Nth transmitted signal, and each of the history oftemporal link signatures is calculated, or determined.

Thereafter, at 435, a representative temporal link signature from thehistory of temporal link signatures is selected that is associated withthe closest distance calculated. In this case, the representativetemporal link signature acts as the baseline temporal link signature.Moreover, the distance d_(i,j) between h^((N)) and the history

_(i,j) that is associated with the representative temporal linksignature is calculated using Eq. 6.

$\begin{matrix}{d_{i,j} = {\frac{1}{\sigma_{i,j}}{\min\limits_{h \in H_{ij}}{{h - h^{(N)}}}}}} & (6)\end{matrix}$Eq. 6 is the normalized minimum Euclidean (l₂) distance between the Nthmeasurement and the history vectors. In other embodiments, many otherdistance measurements are possible, but in the present embodiment, l₂ ischosen as a simple proof-of-concept measure.

Next, at decision step 440, the difference, or distance d_(i,j), iscompared to a threshold to determine if there is a relative changebetween the locations of the transmitter i and the receiver j.Specifically, d_(i,j) is compared to a threshold γ, for a constant γ>0.When d_(i,j)>γ, the method proceeds to 450. Specifically, the differencein the measured temporal link signature, from the Nth transmittedsignal, and its history is not due to normal temporal variations, butthe measured link signature is that of a different link over a differentchannel (e.g., from a new transmission location), and as such a relativelocation change between the transmitter i and receiver j is detected.

More particularly, a movement of the transmitter may be detected when ehtemporal link signature is different from the baseline temporal linksignature. That is, movement of the transmitter is determined when thereceiver location remains static, and the distance d_(i,j) exceeds thethreshold γ.

At 450, appropriate action is taken. The action taken when a transmitteris detected to be at a distinct location is application dependent. If itis determined that the unknown transmitter is transmitter i, then theprocess may begin anew to build a history of temporal link signature forthe new link. On the other hand, if it is determined that the unknowntransmitter is not transmitter i, then the process outlined in FIG. 4may proceed back to 420 in anticipation of the next received signal,from the Nth transmitted signal, since the previously received signal isnot considered in the history of temporal link signatures.

In one embodiment, in the case of the sensor motion detection or objectsecurity applications, where it is expected that no movement wouldoccur, a cooperative sensor localization methodology may be implemented,as discussed below. In other cases, an alarm may be triggered leading toother actions, such as pointing cameras to a particular location,physically investigating why there was movement detected, etc.

In another application, when a replication attack is suspected, thereceiver might collaborate with other receivers to confirm the change inthe location of node i (from the unknown transmitter), or anauthentication process or re-authentication process may be implementedwith the unknown transmitter. For instance, if re-authentication fails,then the Nth transmitted signal may be determined to be from anadversary transmitter, and not transmitter i. Specifically, an adversarytransmitter posing as the transmitter i can be determined when thereceiver location remains static, the distance d_(i,j) exceeds thethreshold γ, and the re-authentication process fails. An alarm may alsobe triggered when the replication attack is verified, or suspected.

On the other hand, if the difference is less than the threshold, thenthe method proceeds to 460 and adds the temporal link signature into thehistory of temporal link signatures. Specifically, when d_(i,j) is lessthan the threshold γ, the measurement is assumed to be from the samelink (e.g., channel between transmitter i and receiver j), such thath_(i,j) ^((N))= h ^((N)). Thereafter, the temporal link signature isincluded in the history,

_(i,j). In one embodiment, for constant memory usage, the oldestmeasurement in

_(i,j) can be discarded.

Thereafter, the method returns to 420 in anticipation for the N+1measurement.

FIG. 5 is a diagram 500 illustrating a history

_(i,j) of temporal link signatures, new measurement h^((N)), and adotted line connecting h^((N)) to its closest point in the history. Thediagram 500 is illustrative of flow diagram 400, in accordance with oneembodiment of the present invention. The normalized distance d_(i,j) isthe length of the line divided by σ_(i,j).

In one embodiment, FIG. 5 is analogous to a clustering algorithmoperating on high-dimensional data. In one embodiment, it is not assumedthat points in

_(i,j) come from a particular distribution. Instead, the spread of thepoints in the cluster (history) is quantified as the average distancebetween pairs of points in the cluster in Eq. 7.

$\begin{matrix}{\sigma_{i,j} = {\frac{1}{\left( {N - 1} \right)\left( {N - 2} \right)}{\sum\limits_{g \in H_{i,j}}\;{\sum\limits_{h \in {H_{i,j}\backslash g}}\;{{{h - g}}.}}}}} & (7)\end{matrix}$

The normalization constant

$\frac{1}{\left( {N - 1} \right)\left( {N - 2} \right)}$comes from N−1 size of the history set,

_(i,j), In one embodiment, half of the terms ∥h−g∥ are calculated sincethe distance is symmetric.Evaluation Methodology

In one embodiment, a methodology is described for determining theaccuracy of the location distinction process of embodiments of thepresent invention. First, a methodology is developed to demonstrate thatthe link signature due to a transmitter at a location i′ and thereceiver at a location j, is different from the link signature historybetween i and j, where i′≠i by more than the threshold γ. Thisdifference is denoted by d_(i-i′,j) and is referred to as the spatiallink difference.

Second, the link signature measured while the transmitter is at the samelocation i and the receiver is at j, will be different from the linksignature history between i and j by less than the threshold γ. Thisdifference is denoted by d_(i,j) ^((N)), and is referred to as thetemporal link difference.

As such, the location change detection test can be viewed as a choicebetween two events H₀ and H₁, in which these terms are defined asfollows in Eqs. 8A and 8B.H₀:d_(i,j)=d_(i,j) ^((N))  (8A)H₁:d_(i,j)=d_(i-v,j)  (8B)Since d_(i,j)s are random variables, their conditional density functionsare denoted f_(d) _(i,j) (d|H₀) and f_(d) _(i,j) (d|H₁). Detectiontheory gives the performance of a detector, using the probability offalse alarm P_(FA) and probability of detection P_(D), as follows inEqs. 9A and 9B.P_(FA)=∫_(χ=γ) ^(∞)∫d_(i,j)(x|H₀)dx  (9A)P_(D)=∫_(χ=γ) ^(∞)∫d_(i,j)(x|H₁)dx  (9B)It is important to note that the probability of missed detection isreferred to as P_(M), where P_(M)=1−P_(D). Since the probabilities are afunction of γ, the lower false alarm rate can be traded for lowerprobability of detection, and vice versa.Collaborative Sensor Receivers

As shown in FIG. 1, multiple receivers can be used for a more robustsystem for determining location distinction, in accordance with oneembodiment of the present invention. In particular, the presentembodiment relies on the collaboration between two or more nodes(receivers).

In sensor networks, although collaboration may expend additionalcommunication energy, it may be used in order to confirm with higherreliability that a transmitter's location has changed. Sensor and ad hocnetworks typically rely on redundancy of links, so each node is expectedto have multiple neighbors. For prevention of replication attacks,collaboration may be normal, and any access points in radio range wouldcollaborate, in one embodiment. For example, WLAN coverage regions oftenoverlap, and hence multiple access points may receive signals from thesame transmitter. As WLANs become more ubiquitous, access pointdensities may increase and would create more overlap.

FIG. 6 is a block diagram of a system 600 including multiple receiversfor implementing a method for location distinction, in accordance withone embodiment of the present invention. As shown in FIG. 6, each of themultiple receivers 610A-N is analogous to the system 300 shown in FIG.3. As such, each of the multiple receivers 610A-N includes a baselinetemporal link signature module, a receiver for receiving a transmittedsignal, a temporal link signature module, and a comparator. In addition,a central module 620 is communicatively coupled with each of themultiple receivers 610A-N. The central module 620 includes a centralcomparator 623 and a locator 625.

For purposes of discussion, the term

is defined to be the set of receivers 610A-N involved in thecollaborative location distinction process for transmitter i. Theprocess proceeds as follows:

Each node jε

records a history

_(i,j) with length N−1. An average difference σ_(i,j) between the linksignatures in the history can be calculated. For instance, each of thebaseline temporal link signature modules (e.g., 611A) records thehistory of temporal link signatures for a corresponding node.

In addition, each node records the new, Nth temporal link signatureh^((N)) and calculates the distance d_(i,j) between it and the history,as in Eq. 6. For instance, the each of the temporal link signaturemodules (e.g., 613A) calculates or determines the Nth temporal linksignature h^((N)) for a corresponding node. In addition, each of thecomparators (E.g., 615A) is able to calculate the distance d_(i,j)between it and the history of temporal link signatures associated withits corresponding node.

For collaboration, in one embodiment nodes jε

send differences d_(i,j) to a central processor, or central comparator623, which then combines the results into a mean distance d_(i)

, represented as follows in Eq. 10. In one embodiment, the centralcomparator 623 is located in one of the receivers. In anotherembodiment, the central comparator 623 is at a remote location,different from any of the receivers. Eq. 10 is listed below.

$\begin{matrix}{d_{i,} = {\frac{1}{}{\sum\limits_{j \in}\;{d_{i,j}}}}} & (10)\end{matrix}$

In the central comparator 623, the result d_(i,J) is compared to athreshold γ. If the difference is above the threshold, it can bedetermined that the new measurement is from a different transmitterlocation, in one embodiment. Otherwise, it can be determined that thenew measurement is from the same transmitter location. This process issimilar to the process outlined in 440, 450, and 460. As such, eachreceiver adds

(N)=h^((N)) to its history for the link (i,j).

In addition, denoting d_(i,j) ^((N)) to be the temporal link difference,and d_(i-v,J) to be the spatial link difference, a choice can be madebetween the two events in Eqs. 11A and 11B, in another embodiment.H₀:d_(i,j)=d_(i,J) ^((N))  (11A)H₁:d_(i,j)=d_(i,J)  (11B)

The conditional density functions (pdfs) are now denoted ∫_(di,J)(d|H₀)and ∫_(di,J)(d|H₁). In addition, the probability of false alarm, P_(FA),and probability of detection, P_(D) are determined in Eqs. 12A and 12B.P_(FA)=∫_(χ=γ) ^(∞)∫d_(i,J)(x|H₀)dx  (12A)P_(D)=∫_(χ=γ) ^(∞)∫d_(i,j)(x|H₁)dx  (12B)

Furthermore, locator 625 is used to determine a location of thetransmitter, in one embodiment. Given the received signals at each ofthe multiple receivers 610A-N, a location algorithm may be used todetermine a geographic location of the transmitter, knowing thelocations of each of the multiple receivers 610A-N. As such, not onlycan a change in location between the relative positions of a transmitterand receiver be determined, but the geographic location of thetransmitter can be determined to substantiate the change in location.

As a result, embodiments of the present invention that provide locationdistinction in wireless networks can be implemented in variousapplications, such as for purposes of providing wireless security forwireless networks, active RFID, wireless sensor networks, forensicsinformation, etc. For instance, for purposes of wireless security, whena imposter is detected, a re-authentication process may be triggered. Inthe case of active RFID, when movement is detected, corrective actioncan be taken, such as confirming that the movement occurred throughvideo, or physical investigation, or additional transmission at higherpower for triangulation. Further, in wireless sensor networks, ifmovement is detected, multiple receiver collaboration can be activatedto verify the movement. Also, in the field of forensics, embodiments ofthe present invention are capable of identifying the location from whicha network break-in was committed. That is, through correlation of eventtiming, location distinction can be implemented to provide additionalinformation showing that a breach occurred.

A method and system for determining location distinction in wirelessnetworks is thus described. While the invention has been illustrated anddescribed by means of specific embodiments, it is to be understood thatnumerous changes and modifications may be made therein without departingfrom the spirit and scope of the invention as defined in the appendedclaims and equivalents thereof. Furthermore, while the present inventionhas been described in particular embodiments, it should be appreciatedthat the present invention should not be construed as limited by suchembodiments, but rather construed according to the below claims.

What is claimed:
 1. A method for location distinction, comprising:determining a baseline temporal link signature of a channel between atransmitter located at a first location and a receiver at a secondlocation, wherein said baseline temporal link signature ischaracteristic of a first impulse response of at least one transmittedsignal over said channel, the transmitted signal comprising a pluralityof multipath signal components, each multipath signal componentincluding a time delay and an amplitude, wherein the baseline temporallink signature is based on the amplitude of each multipath signalcomponent at each time delay; receiving a signal at said receiver basedon a second transmitted signal from an unknown transmitter at an unknownlocation; determining a temporal link signature based on said secondsignal that is received, wherein said temporal link signature ischaracteristic of a second impulse response of said second transmittedsignal over an unknown channel between said unknown transmitter and saidreceiver; and detecting a change between said first location and saidsecond location by determining if said temporal link signature isdifferent from said baseline temporal link signature, wherein saiddetecting a change comprises: performing an authentication process withsaid transmitter; and detecting that said unknown transmitter is posingas said transmitter when said temporal link signature is different fromsaid baseline temporal link signature and when said authenticationprocess fails, wherein said second location of said receiver is static.2. The method of claim 1, wherein said detecting a change comprises:detecting a movement of said transmitter when said temporal linksignature is different from said baseline temporal link signature,wherein said second location of said receiver is static.
 3. The methodof claim 1, wherein said determining a temporal link signature furthercomprises: normalizing said second impulse response.
 4. The method ofclaim 1, wherein said determining a baseline temporal link signaturecomprises: storing a history of temporal link signatures determined froma plurality of transmitted signals from said transmitter; determining aplurality of distances between said temporal link signature and each ofsaid history of temporal link signatures; determining a closest distancein said plurality of distances; and selecting a representative temporallink signature from said history of temporal link signatures as saidbaseline temporal link signature, wherein said representative temporallink signature is associated with said closest distance.
 5. The methodof claim 4, wherein said detecting a change comprises: comparing saidclosest distance to a threshold; and detecting said change between saidfirst location and said second location when said closest distanceexceeds said threshold.
 6. The method of claim 4, wherein said detectinga change comprises: comparing said closest distance to a threshold;detecting no change between said first location and said second locationwhen said closest distance does not exceed said threshold; and addingsaid representative temporal link signature to said history of temporallink signatures.
 7. The method of claim 1, further comprising:determining said second transmitted signal from said received signal;comparing said second transmitted signal to an identification signalassociated with said transmitter; and presuming said unknown transmitteris said transmitter when said second transmitted signal is substantiallysimilar to said identification signal.
 8. A system for determininglocation distinction, comprising: a baseline temporal signature modulefor determining a baseline temporal link signature of a channel betweena transmitter located at a first location and a receiver at a secondlocation, wherein said baseline temporal link signature ischaracteristic of a first impulse response of at least one transmittedsignal over said channel, the transmitted signal comprising a pluralityof multipath signal components, each multipath signal componentincluding a time delay and an amplitude, wherein the baseline temporallink signature is based on the amplitude of each multipath signalcomponent at each time delay; said receiver for receiving a signal basedon a second transmitted signal from an unknown transmitter at an unknownlocation; a temporal link signature module for determining a temporallink signature based on said second signal that is received, whereinsaid temporal link signature is characteristic of a second impulseresponse of said second transmitted signal over an unknown channelbetween said unknown transmitter and said receiver; and a comparator fordetecting a change between said first location and said second locationby determining if said temporal link signature is different from saidbaseline temporal link signature, wherein said detecting a changecomprises: performing an authentication process with said transmitter;and detecting that said unknown transmitter is posing as saidtransmitter when said temporal link signature is different from saidbaseline temporal link signature and when said authentication processfails, wherein said second location of said receiver is static.
 9. Thesystem of claim 8, further comprising: a second receiver for receiving asecond signal based on said second transmitted signal, wherein saidsecond receiver is not co-located with said receiver, and wherein saidsecond receiver determines a second temporal link signature based onsaid second signal; and a central comparator for detecting said changebetween said first location and said second location based on saidtemporal link signature, said second temporal link signature, and saidbaseline temporal link signature.
 10. The system of claim 8, furthercomprising: a locator for determining a location of said unknowntransmitter based on said signal received at said receiver and saidsecond signal received at said second receiver.
 11. A method forlocation distinction, comprising: determining a baseline temporal linksignature of a channel between a transmitter located at a first locationand a receiver at a second location, wherein said baseline temporal linksignature is characteristic of a first impulse response of at least onetransmitted signal over said channel, the transmitted signal comprisinga plurality of multipath signal components, each multipath signalcomponent including a time delay and an amplitude, wherein the baselinetemporal link signature is based on the amplitude of each multipathsignal component at each time delay; receiving a signal at said receiverbased on a second transmitted signal from an unknown transmitter at anunknown location; determining a temporal link signature based on saidsecond signal that is received, wherein said temporal link signature ischaracteristic of a second impulse response of said second transmittedsignal over an unknown channel between said unknown transmitter and saidreceiver; and detecting a change between said first location and saidsecond location by determining if said temporal link signature isdifferent from said baseline temporal link signature, wherein saiddetermining a baseline temporal link signature comprises: storing ahistory of temporal link signatures determined from a plurality oftransmitted signals from said transmitter; determining a plurality ofdistances between said temporal link signature and each of said historyof temporal link signatures; determining a closest distance in saidplurality of distances; and selecting a representative temporal linksignature from said history of temporal link signatures as said baselinetemporal link signature, wherein said representative temporal linksignature is associated with said closest distance.
 12. A system fordetermining location distinction, comprising: a baseline temporalsignature module for determining a baseline temporal link signature of achannel between a transmitter located at a first location and a receiverat a second location, wherein said baseline temporal link signature ischaracteristic of a first impulse response of at least one transmittedsignal over said channel, the transmitted signal comprising a pluralityof multipath signal components, each multipath signal componentincluding a time delay and an amplitude, wherein the baseline temporallink signature is based on the amplitude of each multipath signalcomponent at each time delay; said receiver for receiving a signal basedon a second transmitted signal from an unknown transmitter at an unknownlocation; a temporal link signature module for determining a temporallink signature based on said second signal that is received, whereinsaid temporal link signature is characteristic of a second impulseresponse of said second transmitted signal over an unknown channelbetween said unknown transmitter and said receiver; and a comparator fordetecting a change between said first location and said second locationby determining if said temporal link signature is different from saidbaseline temporal link signature, wherein said determining a baselinetemporal link signature comprises: storing a history of temporal linksignatures determined from a plurality of transmitted signals from saidtransmitter; determining a plurality of distances between said temporallink signature and each of said history of temporal link signatures;determining a closest distance in said plurality of distances; andselecting a representative temporal link signature from said history oftemporal link signatures as said baseline temporal link signature,wherein said representative temporal link signature is associated withsaid closest distance.